0
命令是什麼與MySQL INSERT相反?MySQL對面的插入命令
我想知道如何從沒有管理員的表中刪除用戶。我到處搜索,但根本找不到它。
這裏是我的PHP文件:
<?php
$username = $_POST["username"];
$password = $_POST["password"];
$passcheck = $_POST["passcheck"];
$email = $_POST["email"];
if ($username && $password && $passcheck && $email) {
} else
echo "Please enter all fields";
?>
...
<form action="register.php" method="post">
<input type="text" name="username"><br>
<input type="password" name="password"><br>
<input type="password" name="passcheck"><br>
<input type="text" name="email"><br>
<input type="submit" value="Register">
</form>
<?php
$username = $_POST["username"];
$password = $_POST["password"];
$passcheck = $_POST["passcheck"];
$email = $_POST["email"];
if ($username && $password && $passcheck && $email) {
$connect = mysql_connect("localhost", "root", "root") or die("Couldn't connect!");
mysql_select_db("login") or die("Couldn't find database!");
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows != 0) {
echo "Username taken";
} else
if ($password == $passcheck) {
mysql_query("INSERT INTO users (username, password, email)
VALUES ('$username','$password','$email')");
} else
echo "Passwords don't match";
} else
echo "Please enter all fields";
?>
'DELETE FROM some_table WHERE some_column = some_value' – Supericy
地球上什麼是你使用Google? 「mysql刪除」充滿了你所需要的。由於您明顯是新手,因此您應該使用PDO或mysqli與數據庫進行交互。 mysql_已被棄用 –
是的,@KaiQing是100%正確的。您的代碼完全開放,可以被SQL注入攻擊。實際上,只要有一點技巧的人(或名稱[Bobby Tables](http://xkcd.com/327/))發現您的網站,您的數據庫就會被運用(並且數據隨後被刪除/損壞)。 – BryanH